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-- The MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 


A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

I) 13 Responsive to communication(s) filed on 10 October 2007 . 
2a)K This action is FINAL 2b)D This action is non-final. 

3) Q Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) 0 Claim(s) l 3-7 and 9-31 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) E3 Claim(s) 1,3-7 and 9-31 is/are rejected. " 

7) D Claim(s) is/are objected to. 

8) D Claim(s) j are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)13 The drawing(s) filed on 14 November 2003 is/are: a)IEI accepted or b)D objected to by the Examiner. 
Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

I I) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D Alt b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 
Response to Arguments 

1 . Applicant's arguments filed 10/10/2007 have been fully considered but they are 
not persuasive. 

2. As to Applicant's argument that Freed does not create a service policy for a user 
from the authentication message, the Examiner respectfully disagrees. The Applicant is 
directed to at least column 14, lines 31-56 of the Freed patent. In the case of a premium 
user, certificates are created by a certificate authority (CA) and are used in the 
authentication messages to request network services, dynamically. The certificates 
"include a list of network services accessible to the user" (Freed, column 14, lines 42- 
43). The Examiner relies on the aforementioned list of network services as being 
equivalent to the instant claim limitation of "service policy", in that the list of network 
services outlines the services accessible to the user. 

3. As to Applicant's argument that, "there need not be any communication between 
the authentication server and the service providing server" (Remarks, page 14, lines 1- 
2), the Examiner points out that the features upon which applicant relies (i.e., no 
communication between the authentication server and the service providing server ) are 
not recited in the rejected claim(s). Although the claims are interpreted in light of the 
specification, limitations from the specification are not read into the claims. See In re 
Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). 
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Response to Amendment 

4. The Examiner has stated the below column and line numbers as examples. All 
columns and line numbers in the reference and the figures are relevant material and 
Applicant should be taken the entire reference into consideration upon the reply to this 
Office Action. 

5. Claims 1, 3, 6, 7, 9-12, 14-16, 23 and 31 have been amended. 

6. Claims 2 and 8 have been cancelled. 

7. Claims 1, 3-7 and 9-31 are pending. 

Information Disclosure Statement 

8. No Information Disclosure Statement was submitted with the Amendment. 

Claim Objections 

9. In light of the amendments, the previous objections to the claims have been 
withdrawn. 

1 0. Claims 9, 27, 29 are objected to because of the following informalities: 
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a. As to claim 9, the claim depends from claim 8, which is cancelled. For 
purposes of examination, the Examiner assumes that the claim depends from 
claim 7. 

b. As to claim 27, the limitation "said user authentication request messages" 
in lines 2-3 of the claim, lacks antecedent basis. 

c. As to claim 29, the limitation "said user authentication request messages" 
in lines 2-3 of the claim, lacks antecedent basis. 

Appropriate correction is required. 

Claim Rejections - 35 USC §112 

11. In light of the amendments, the previous 35 USC 112, 2 nd paragraph rejections of 
claims 6, 15, 16, 26 and 31 have been withdrawn. 

Claim Rejections - 35 USC § 102 


12. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2). a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21 (2) 
of such treaty in the English language. 
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13. Claims 1, 3-7 and 9-31 are rejected under 35 U.S.C. 102(e) as being anticipated 
by US Patent No. 7,073,055 to Freed et al. (hereinafter Freed), 
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As to claim 1, Freed teaches: 

a. Receiving authentication messages sent from a user to an authentication 
server (RADIUS server receives authentication messages initiated by a user) 
(Freed, column 13, lines 18-65). 

b. Determining from said authentication messages user identifiers and 
service attributes associated with said user (premium service users transmit 
certificates that dynamically request network services) (Freed, column 14, lines 
31-43). 

c. Creating a user service policy entry in a user policy table for said identified 
user contained said service attributes (network service provider creates a user 
profile on the network server) (Freed, column 18, lines 1-27). 

d. Consulting said user policy table to determine how to manage said user 
traffic subsequent to said user authentication messages (user profile is used to 
determine the user's access to network services) (Freed, column 18, lines 28- 
42). 

e. Managing subsequent user traffic based on said consulting step (user 
profile is used to determine the user's access to network services) (Freed, 
column 18, lines 28-42). 
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As to claim 3, Freed teaches said user policy table is located within said service 
policy director (authorization records are stored in the network service provider entity) 
(Freed, column 19, lines 13-21). 

As to claims 4, 10 and 14, Freed teaches said service policy director offers 
internal network services comprising at least one of bandwidth management (user 
profile attributes include access-rate settings) (Freed, column 14, lines 21-23). 

As to claims 5, 9 and 13, Freed teaches said authentication messages are using 
any of the Radius protocol (Freed, column 13, lines 18-48). 

As to claims 6, 11 and 15, Freed teaches proxy mode, wherein the authentication 
messages in a provider network pass through the service policy director, said network 
device modifies IP addresses of said authentication messages without any modification 
to the data of said authentication messages (server acts as a proxy to other servers) 
(Freed, column 13, lines 18-47). 

As to claim 7, Freed teaches: 

a. Determining by the service policy director a user policy table based on an 
at least an initial authentication message sent from a user to an authentication 
server (network service provider creates a user profile on the network server) 
(Freed, column 18, lines 1-27). 
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b. Identifying a user originating said network user traffic (RADIUS server 
authenticates user accessing the network) (Freed, column 14, lines 8-30). 

c. Consulting the user policy table to locate a user service policy 
corresponding to said user (Freed, column 18, lines 28-42). 

d. Managing said network user traffic based on said consulting step by 
forwarding network user traffic to a requested server (premium user is granted 
access to requested network services provided the user is properly 
authenticated) (Freed, column 14, lines 18-56). 

As to claim 12, Freed teaches: 

a. Receiving authentication messages for a user at said service policy 
director (ISP server receives authentication messages initiated by a user) (Freed, 
column 13, lines 18-65). 

b. Determining user identifies and service attributes associated with said 
user from at least a first authentication message (premium service users transmit 
certificates that dynamically request network services) (Freed, column 14, lines 
31-43). 

c. Creating a user service policy entry in a user policy table for said identified 
user based on said service attributes (network service provider creates a user 
profile on the network server) (Freed, column 18, lines 1-27). 

d. Consulting said user policy table to determine how to manage said user 
traffic subsequent to said user authentication messages (user profile is used to 
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determine the user's access to network services) (Freed, column 18, lines 28- 
42). 

e. Managing subsequent user traffic based on said consulting step (user 
profile is used to determine the user's access to network services) (Freed, 
column 18, lines 28-42). 


As to claim 16, Freed teaches: 

a. A user request-issuing device (CPE) (Freed, column 6, lines 45-54 and 
figure 1). 

b. A service provider network over which user authentication messages and 
user traffic originated by said user request-issuing device is transmitted (ISP) 
(Freed, column 14, lines 8-17 and figure 5). 

c. An authentication server to which said user request-issuing device 
attempts to connect and by which said user request-issuing device is 
authenticated and registered (RADIUS server) (Freed, column 13, lines 18-48 
and figure 5). 

d. A network device independent of said authentication server including a 
service policy director enforcing a service policy for said user request-issuing 
device, said network device receiving the authentication messages and creating 
the service policy therefrom (network service provider creates a user profile on 
the network server) (Freed, column 18, lines 1-27). 
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e. Wherein said user request-issuing device is included in at least a network 
access server of a service provider network or in a user network (CPE is 
connected to network via a cable modem (CM)) (Freed, column 6, lines 45-54 
and figure 5). 

As to claim 17, Freed teaches said service policy director includes a user policy 
table (user profile in network service provider entity) (Freed, column 18, lines 10-27). 

As to claim 18, Freed teaches said policy table includes user identifier 
information and service attribute information (Freed, column 18, lines 10-27). 

As to claim 19, Freed teaches said user identifier information includes at least an 
Internet/intranet address (IP address is part of the identification of the user) (Freed, 
column 11, lines 44-56). 

As to claim 20, Freed teaches said user identifier information a username 
(profiles are user identity which can include a username) (Freed, column 13, lines 18- 
47). 

As to claim 21 , Freed teaches said attribute information includes any one or more 
of the following: access privileges parameters, traffic logging mechanisms and user 
activity statistics entitlement parameters, security services entitlement parameters, or 
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service quality level parameters (service parameters are specified in the user profile) 
(Freed, column 18, lines 10-42). 

As to claim 22, Freed teaches said service quality level parameters include any 
one or more of the following: a bandwidth limit, a bandwidth guarantee, or a bandwidth 
priority (maximum bandwidth is defined) (Freed, column 19, lines 1-3). 

As to claim 23, Freed teaches said service attributes define services offered by 
said service policy director, said services including any one or more of the following: 
classification of network user traffic, modification of network user traffic, forwarding of 
network user traffic, or logging of single network user traffic statistics (at least two types 
of network service: normal service type and premium service type) (Freed, column 17, 
lines 40-63 and figures 7A and 7B). 

As to claim 24, Freed teaches said network device offers internal network 
services including at least one of bandwidth management, access control or network 
usage statistics (network entities have an internal bandwidth manager) (Freed, column 
8, lines 5-18). 

As to claim 25, Freed teaches a plurality of said service policy directors reside on 
a network (network is composed of a plurality of operational, administrative and 
maintenance servers) (Freed, column 7, lines 23-52). 
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As to claim 26, Freed teaches said network device including said service policy 
director functioning in a transparent mode, wherein the authentication messages in a 
provider network pass through the network device without any modification to the IP 
addresses and data of said authentication messages (the network device does not 
modify the IP address or data of either the Access-Accept or Access-Reject messages) 
(Freed, column 13, line4-column 14, line 56). 

As to claim 27, Freed teaches said service policy director functioning in said 
transparent mode receives said user authentication request messages addressed to 
said authentication server and forwards said user authentication request messages to 
said authentication server (ISP directs access request messages from the user to 
RADIUS for authentication purposes) (Freed, column 13, line 4-column 14, line 56). 

As to claim 28, Freed teaches said network device including said network device 
including said service policy director functioning in a proxy mode, wherein the 
authentication messages in a provider network pass through the network device, said 
network device modifies IP addresses of said authentication messages without any 
modification to the data of said authentication messages (server acts as a proxy to other 
information servers) (Freed, column 13, lines 18-47). 
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As to claim 29, Freed teaches said service policy director functioning in said 
proxy mode receives said user authentication request messages addressed to said 
service policy director and forwards it to said authentication server (server acts as a 
proxy to other information servers) (Freed, column 13, line 4-column 14, line 56). 

As to claim 30, Freed teaches said network device comprising said service policy 
director functioning in a passive mode, wherein the authentication messages in a 
provider network are copied to the network device (a first network device creates the 
certificates and these certificates are transferred to RADIUS server for authentication) 
(Freed, column 18, lines 10-42). 

As to claim 31, Freed teaches a user request-issuing device operatively 
connected to a service policy director (CPE connected to an ISP through a CM) (Freed, 
column 6, lines 45-54 and figure 1), said service policy director connected to an 
authentication server (RADIUS server) (Freed, column 13, lines 18-48 and figure 5), 
and said authentication server being operatively connected to said user request-issuing 
device (CPE connected to RADIUS server through ISP and CM interface) (Freed, 
column 6, lines 45-54 and column 13, lines 4-17), wherein said service policy director 
receives a user authentication request message addressed to said authentication 
server, forwards said user authentication request messages to said authentication 
server (ISP directs access request messages from the user to RADIUS for 
authentication purposes) (Freed, column 13, line 4-column 14, line 56)., wherein said 
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service policy director creates a service policy from the received authentication request 
message (network service provider creates a user profile on the network server) (Freed, 
column 18, lines 1-27). 


Conclusion 


14. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to William S. Powers whose telephone number is 751 272 
8573. The examiner can normally be reached on m-f 7:30-5:00. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand can be reached on 571 272 381 1 . The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



William S. Powers 

Examiner 
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